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REMARKS 

Claims 1-7, 9-19, 21-31 and 33-47 arc all Hie claims pending in the application. B ' this 
Amendment, Applicant amends claims 1,13, 25, 37, and 43 to further clarify the inventioi . In 
addition, Applicant adds claims 44-46. 

Statem ent of Substance of the Interview 

Applicant thanks the Examiner for the courteous telephonic interviews. The Stater lent of 

Substance of the Interview is as follows: 

During the Interview, independent claim 43 was discussed i l view of the prior art r f 
record. In an attempt to expedite the prosecution in the present application, the Examiner . nd the 
Applicant discussed possible amendments to Ihe independent claims that would more clcai ly 
distinguish the present invention set forth in the independent claims from the prior art of rc ;ord. 

In particular, the Examiner appeared to agree that the combination of verification, / e\ 
"when the received user name and the computer identifier matches *hc parsed user name ai d the 
computer identifier, using the parsed server user identifier to acess the server/' and the use of the 
generated authentication key to access the data store, i.e., "the user lecesses the data store * na the 
server using the generated authentication key, and wherein, when the server user identifier 
changes, a new authentication key is generated for the user and the user accesses the data s ore 
via the server using the new authentication key" is not taught or suggested by the prior art < -f 
record. 

In view thereof, Applicant amends the claims 1,13, 25, and 43 to further clarify the 
invention. In addition, in order to provide more varied protection, new claims 44-47 are ad Jed. 
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Cl aim Rejections under 35 U.S.C. jJ03 

Claims 1-7, 9-19,21-31, and 33 to 43 stand rejected under ? 5 U.S.C. § 103(a). Applicant 
respectfully traverses in view of the following remarks. 

Stuffings and firyant 

In particular, claims U7 S 9-11, 13-19, 21-23, 25, 31 , 33-35, 42 and 43 arc now reje :ted 
under 35 U.S.C. § 103(a) as being unpatentable over Stallings Cryp tography and Network 
Security 2 nd Edition (hereinafter "Stallings") in view of Bryant "Designing an Authcnlicato an 
System: a Dialogue in Pour Scenes" (hereinafter "Bryant"). Of these rejected claims, only 1, 13, 
25, and 43 are independent This response will initially focus on these independent claims 

Among a number of unique features of claim 1, not taught or suggested by the prio art, is 
". ..when the received user name and the computer identifier matches the parsed user name and 
the computer identifier, using the parsed server user identifier to acitss the server, wherein he 
user accesses the data store via the server using the generated authentication key, and whci jih, 
when the server user identifier changes, a new authentication key is generated for the user md 
the user accesses the data store via the server using the new authentication key." 

In the conventional unified logon systems, each client computer connected to a dati base 
server computer needs to have a corresponding user identifier and password created on the server 
computer, in addition to having a user name and a password to log onto the client compute . 
ITns requirement creates an administrative nightmare because of maintaining and managin ; all 
the client user names and passwords with the corresponding server user IDs and passwords 
Moreover, when a server password or ID is changed, the system administrator needs to not fy the 
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users of their new password or server ID, creating additional sccunty risk of the message 1 >eing 
intercepted by hackers. 

In the method as set forth in claim 1 , however, the authentication key is generated 'based 
on a user name and a computer identifier" and the authentication key "includes a server us ar 
identifier." As a result, the administrator need not forward the server ID to the user. Instc .id, the 
server ID is sent to the user in an authentication key ha_sed only on the user name and a co nputer 
identifier received from the user. The user will use this authentication key to access the sc rvcr, 
i.e., "when the received user name and the computer identifier matches? the parsed user nat le and 
the computer identifier, using the parsed server user identifier lo ae^ss the server.** 

Moreover, one server ID can be used for a number of users, and each user will still have a 
unique authentication key. Finally, "when the server user identifiei changes, a new 
authentication key is generated for the user and the user accesses xhe data store via the sen er 
using Ihe new authentication key." Accordingly, the notification process is more secure ai d 
easier to implement for the administrator. This passage is provided by way uf an explanatt .ry 
example only. 

Stalling*, similar to the conventional techniques described above, teaches a client s ending 
a server ID, along with the client name and password. These server ID, client ID and clicn 
password are encrypted by the authentication system to create a ticket for the client. The c icnt 
then uses this ticket to gain access to the server. The server verifies client ID with the encr /pted 
client ID in the ticket. If the two match, access to server is provided (page 326 of Stalling? k 
This is no different from the conventional techniques described in the background of the 
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invention. When the administrator changes the server ID, a new server ID has to be sent t< » the 
user, creating additional security risk of the message being intercepted by hackers. 

Bryant, is no different from Stalling*, except that Bryant's ticket includes a networ ; 
address of the client computer, which is checked against the network address of the client, which 
sent the ticket (page 5 of Bryant), Thus, this design guards against the interception of the 1 ckcl 
and attempts to send it from a different computer. Bryant, however, fails to address the problem 
of changing server IDs for the user. 

The Examiner acknowledges that both Stalling* and Bryant fail to teach or suggest he 
authentication key including a server user identifier. The Examiner, however, now alleges hat 
such an inclusion would be an obvious enhancement. For support, the Examiner cites syst< ms 
such as Windows, NT, Unix, Linux (see pages 5-6 of the Office Action). Applicant respec fully 
disagrees. If the Examiner decides to maintain this rejection, Applicant respectfully roquet- the 
iixamincr to substantiate this argumentation with additional refcrem es for the following re. sons. 

Stalling and Bryant do not teach or suggest having a server user identifier in the tiel el. 
The systems mentioned by the Examiner, similar to the conventiona:. techniques described J a 
Applicant's specification, provide the user, e.g., via email, with a user identifier and a pass) /ord, 
which the user has to enter to access the scrviee. The systems mentioned by the Examiner i o not 
teach or suggest any kind of encryption for this identifier and this password. 

Moreover, none of these systems including Stalling's and Bryant's system recognizi the 
problem of managing user name and password with the server identifier and password and i s 
such do not provide any suggestion to place the server user identifier into a ticket. Finally, his 
allegedly obvious enhancement would require significant modifications to the system of 

16 

PAGE 19/24 1 RCVD AT 4/26/2005 5:38:46 PM [Eastern Daylight Time] * SVR;USPTO-EFXRF-1/0 * DNIS:8729306 * CSID:2022937860 * DURATION (mm«ss):0W6 



04/26/2005 16:43 FAX * 2022937880 



@l 020/024 



AMENDMENT UNDER 37 C.F.R §1.111 
U.S. Appln. No. 09/5 1 3,065 
Attorney Docket No.: A81 17 

Sellings and Bryant. That is, instead of simply identifying the user, the systems would he ve to 
recognize that an additional key should be extracted and used to access the server. In shor 
Applicant respectfully submits that including a server user identifier along with the user n: me is 
clearly not an obvious enhancement and but for the present invention there is no suggestio 1 to 
include the server user identifier into the ticket as taught by the combined teachings of Sta lings 
and Bryant. 

Moreover, even assuming arguendo that including a server !D is an obvious 
enhancement, the combined teachings Stallings and Bryant still fail to teach or suggest lha 
"when the received user name and the computer identifier matches :he parsed user name ai d the 
computer identifier, using the parsed server user identifier to aeess ihe server/' That is, in 
Stalling and Bryant, once the user is verified, he is permitted to acojss the server. There is no 
teaching or suggestion to use o parsed server user identifier to access the server. Morcovei , there 
is no teaching or suggestion that when the server ID changes, instead of sending to the elie U a 
new server ID (creating additional security risk of the message bein^ intercepted by haekei 
creating a new authentication key and providing the user with a new authentication key as 
opposed to a new server ID. 

Therefore, "...when the received user name and the compute identifier matches tht 
parsed user name and the computer identifier, using the parsed server user identifier to ace^ s the 
server, wherein the user accesses the data store via the server using ihc generated authentic ition 
key, and wherein, when the server user identifier changes, a new authentication key is gene -ated 
for the user and the user accesses the data store via the server using the new authentication cey," 
as set forth in claim I is not suggested or taught by the combined teachings of Stallings and 
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Bryant, which lack any suggestion of including the server user identifier into the authentic ition 
key, using the parsed server user identifier to access the data store, and generating a new 
authentication key for the user when the server user identifier changes. 

For at least these exemplary reasons, Applicant respectfully submits that claim 1 is 
patentable over the combined teachings of Stalling and Bryant. Together, the combined 
teachings of these references would not have (and could not have) led the artisan of ordina y skill 
to have achieved the subject mater of claim 1 . Since claims . 2-7, 9- ! 1, and 42 arc dependent 
upon claim 1, they are patentable at least by virtue oftheir dependency. 

Next, Applicant respectfully traverses this rejection with respect to independent cla ms 
1 3, 25, and 43. These independent claims recite similar features to he features argued abo /e 
with respect to claim 1. Therefore, arguments submitted with respect to claim 1 apply witf equal 
force here. For at least substantially the same reasons, therefore, Applicant respectfully 
requests the Kxaminer to withdraw this rejection of independent da ms 1 3, 25, and 43. Ck ims 
14-19 and 21-23, and claims 26-3 1 and 33-35, arc patentable at teas: by virtue uf their 
dependency on claims 13 and 25, respectively. 

Stalling*, Bryant, Fuh, VeriStgn, and Schtteier 
Claims 12, 24 and 36 are rejected under 35 U.S.C § 1 03(a) fis being unpatentable o 'er 

Stallings in view of Bryant and further in view of U.S. Patent No. 6,463,474 to Fuh et al 
(hereinafter "Fuh"). Claims 37-40 are rejected under 35 U.S.C. § 103(a) as being unpatent; ble 
over Stallings in view of Bryant further in view of VcriSign "Certification Practice Stateme it" 
(hereinafter "VcriSign"). Alternatively or in addition, it seems that claims 38-40 arc rejeett d 
under 35 U.S.C. § 103(a) as being unpatentable over Stalling, Bryant, Fuh , and VeriSign (si c 
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page 1 1 of the Office Action); clarification with respect to claims 38-40 is respectfully req jested. 
Finally, claim 41 is rejected under 35 U.S.C. § 1 03(a) as being unpatentable over Stallings in 
view of Bryant and further in view of Schneier Applied Cryptograp hy (hereinafter "Schnc cr")- 
Applicant respectiiilly submits that Fuh, VeriSign, and Schneier do not cure the deficient 
teachings of Stallings and Bryant, Therefore, claims 12, 24, 36, 37 41 are patentable at lei st by 
virtue of their dependency. 

Jn addition, claim 37, now recites: "wherein the generated authentication key lor at cess 
to the server is sent to a user, and further comprises a server password, and wherein when i be 
server password changes, a unique new authentication key based on the server user identifj ami 
the server password is sent to the user." Applicant respectfully subinils that the combined 
teachings of Stallings, Bryant, and VeriSign do not teach or suggest these unique features t f 
claim 37. For at least this additional reason, claim 37 is patentable. 

Moreover, with respect to claim 41, Applicant respectfully submits thai one of ordinary 
skill in the art would not have been motivated to combine Schneier *ilh Stallings and Bryb it. 
Schneier is very different from Stallings and Bryant. Stallings and Hryant address the prob.em 
of access control by a variety of users. Tn other words, Stallings and Bryant are related to 
providing a use r with a kev to access a protected, secure system . 

Schneier, on the other hand, is related to splitting a secret (a message) amongst a nu nber 
of users to prevent each individual user to gain access without the olher (page 70). That is, 
Schneier teaches not allowing an individual user to access a protecte d item alone. In Schnc er, 
each user must combine his or her part of a message, for example, to access the protected it ;m. 
The Examiner alleges that Schneier teaches "the user to use the secret to obtain the services of a 
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server" Schneier, however, teaches just the opposite. Schneier teaches that a user will n , the 
ableto access a service and that only a number of users BH Ai BHl , b y combining their pai t of the 
secret) can access the service, e.g., Trent splits a secret between Alice and Bob, or Alice, J !ob, 
Carol, and Dave (pages 70 to 73). 

One of ordinary skill in the art would not have combined Schneier with StalUngs a id 
Bryant at least because that would mean that the users would have in gel together to aceos: a 
secret item, alleged service, as opposed to each user obtaining access to the service. In sh< rt, one 
of ordinary skill in the art would not have been motivated to combine the three references n the 
manner suggested by flic Examiner. In addition, (me of ordinary skill would not have turn, d to 
the secret sharing scheme when designing a Kcrberos system so as io provide each user wi h his 
or her own individual access. The only reason to turn to Schneier i* to try to meet the novt I 
features of claim 41 But for the present invention, there is no reascn to turn to the secret s wring 
-scheme of Schneier. For at least this additional reason, claim 41 is patentable over Stalling i, 
Bryant, and Schneier. 

New Claims 

In order to provide more varied protection. Applicant adds claims 44-46. Claims 44 -46 
are patentable at least by virtue of their dependency on claim I . 

Conclusion 

m view of the above, reconsideration and allowance of this application arc now belii ved 
lo be in order, and such actions arc hereby solicited. If any points remain in issue which the 
Examiner feels may be best resolved through a personal or telephone interview, the Examin :r is 
kindly invited to contact the undersigned attorney at the telephone number listed below. 
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The USPTO is directed and authorized to charge all required fees, except for the Is sue 
Fee and the Publication Fee, to Deposit Account No. 19-4880. Ptaisc also credit any 
overpayments to said Deposit Account, 

The undersigned hereby certifies that the above identified correspondence is being 
facsimile transmitted to Examiner Jung W, Kim at the Patent and Trademark Office on April 26, 
2005 al facsimile no. 703-872-9306. 



Respectfully submitted, 



SUGURUE MION.PLLC 
Telephone: (202) 293-7060 
Facsimile: (202)293-7860 




NataJiya Dvorseh 
Registration No. 56,6 1 6 



23373 



Dale: April 26, 2005 



Attorney Docket No. : AX 1 1 7 
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